HELP with removing a virus infection
- fredik
- Security team member
- Master Level 7
- Posts: 4680
- Registered: July 06
Download SUPERAntiSpyware.
Install and run it, then click the Check for Updates... button.
Once the update has finished, click the button: Scan your computer
Select the option: Perform Complete Scan and click the Next > button.
The scan will run; when it finishes, it lists everything it found.
Make sure all items are checked and then click the Next button.
Then click the Finish button, which should take you back to the main screen.
There, click the button: Preferences... and select the Statistics/Logs tab.
There, click the log with today's date and press the button: View Log...
A window with the log will open; copy its contents here if it finds anything, and post a new HJT log along with it.
- Yelkinson
- Level 3
- Posts: 582
- Registered: November 07
- Location: Plzen
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 23:16:03, on 7.1.2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16574)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\ESET\ESET Smart Security\ekrn.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\CyberLink\Shared Files\RichVideo.exe
C:\WINDOWS\system32\svchost.exe
C:\PROGRA~1\Crawler\CToolbar.exe
C:\WINDOWS\system32\drwtsn32.exe
C:\WINDOWS\system32\drwtsn32.exe
C:\Program Files\Maxthon2\Maxthon.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://start.qip.ru
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=60002
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = http://dnl.crawler.com/support/sa_custo ... TbId=60002
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\PROGRA~1\Crawler\ctbr.dll
O2 - BHO: (no name) - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\PROGRA~1\Crawler\ctbr.dll
O3 - Toolbar: &Crawler lišta - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - C:\PROGRA~1\Crawler\ctbr.dll
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O8 - Extra context menu item: Crawler Search - tbr:iemenu
O16 - DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} (System Requirements Lab) - http://www.nvidia.com/content/DriverDow ... eqlab2.cab
O18 - Protocol: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - C:\PROGRA~1\Crawler\ctbr.dll
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O21 - SSODL: bklgvsf - {9C613A67-63A5-4343-8ADF-B4C211AC175B} - (no file)
O21 - SSODL: ampkfst - {35D1ED4B-59D2-473B-BF4B-6420FA0A82DE} - (no file)
O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe
O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
--
End of file - 3595 bytes
It restarted on me again.
I copied down what it found, in case it helps:
Trojan downloader-gen suspicios -1
Adware tracking cookie-8
And when I tried it yesterday there were some there too, but I no longer remember which ones; there were 18 of them in total!
- fredik
- Security team member
- Master Level 7
- Posts: 4680
- Registered: July 06
Fix these items in HJT:
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O21 - SSODL: bklgvsf - {9C613A67-63A5-4343-8ADF-B4C211AC175B} - (no file)
O21 - SSODL: ampkfst - {35D1ED4B-59D2-473B-BF4B-6420FA0A82DE} - (no file)
If you still have problems, post a ComboFix log here:
Download ComboFix (by sUBs) and save it to your desktop.
Close all active windows and run it.
- After launch, the terms of use are displayed; confirm them by pressing the 1 key
- Then follow the instructions; while ComboFix is running, do not click inside the window that appears
- When the scan finishes, the program should create a log - C:\ComboFix.txt - please copy its entire contents here
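An added example (not part of the original post, and not the helper's own method): a small Python triage that parses HijackThis entry lines and flags two patterns that both occur in the fix list above, entries whose target is reported as `(no file)` and R0/R1 registry values that are empty. The function names are hypothetical; the sample lines are copied from the log posted in this thread.

```python
import re
from typing import List, NamedTuple, Optional

# Lines copied from the HijackThis log posted in this thread, plus a header
# and a process line so the parser has non-entry lines to skip.
SAMPLE_LOG = r"""
Logfile of Trend Micro HijackThis v2.0.2
Running processes:
C:\WINDOWS\system32\svchost.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://start.qip.ru
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=60002
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: (no name) - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\PROGRA~1\Crawler\ctbr.dll
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O21 - SSODL: bklgvsf - {9C613A67-63A5-4343-8ADF-B4C211AC175B} - (no file)
O21 - SSODL: ampkfst - {35D1ED4B-59D2-473B-BF4B-6420FA0A82DE} - (no file)
O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
"""

# HijackThis entry lines start with a section code (R0-R3, F0-F3, N1-N4,
# O1-O24) followed by " - " and the entry text.
ENTRY_RE = re.compile(r"^(?P<section>[RFNO]\d{1,2}) - (?P<body>.+)$")


class Entry(NamedTuple):
    section: str
    body: str


class Finding(NamedTuple):
    entry: Entry
    reason: str


def parse_entries(log_text: str) -> List[Entry]:
    """Return the entry lines of a HijackThis log, skipping headers and process paths."""
    entries = []
    for raw in log_text.splitlines():
        match = ENTRY_RE.match(raw.strip())
        if match:
            entries.append(Entry(match["section"], match["body"]))
    return entries


def review_reason(entry: Entry) -> Optional[str]:
    """Return why an entry deserves a second look, or None if neither pattern applies."""
    # HijackThis appends "(no file)" when the file an entry points to
    # does not exist on disk. "(no name)" elsewhere in the line is unrelated.
    if entry.body.endswith("(no file)"):
        return "target file missing"
    # R0/R1 lines have the form "<key>,<value name> = <data>"; flag empty data.
    # Splitting on the first "=" keeps query strings in URLs intact.
    if entry.section in ("R0", "R1"):
        _key, sep, value = entry.body.partition("=")
        if sep and not value.strip():
            return "empty registry value"
    return None


def triage(log_text: str) -> List[Finding]:
    """Parse a log and return only the entries that match one of the patterns."""
    findings = []
    for entry in parse_entries(log_text):
        reason = review_reason(entry)
        if reason is not None:
            findings.append(Finding(entry, reason))
    return findings


if __name__ == "__main__":
    for finding in triage(SAMPLE_LOG):
        print(f"{finding.entry.section:<4} {finding.reason:<22} {finding.entry.body}")
```

A flag here only marks an entry for manual review; entries that point to an existing file, such as the BHO line, are outside what this check can judge.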
- Yelkinson
- Level 3
- Posts: 582
- Registered: November 07
- Location: Plzen
ComboFix 08-01-09.2 - Yelkinson 2008-01-08 22:45:47.1 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.2.1250.1.1029.18.104 [GMT 1:00]
Running from: C:\Documents and Settings\Yelkinson\Plocha\ComboFix.exe
* Created a new restore point
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\Program Files\MediaVideoCodec
C:\Program Files\MediaVideoCodec\imex.bat
C:\Program Files\MediaVideoCodec\install.ico
C:\Program Files\MediaVideoCodec\MediaVideoCodec.ocx
C:\Program Files\MediaVideoCodec\Uninstall.exe
C:\WINDOWS\dat.txt
C:\WINDOWS\foxflpd.exe
.
((((((((((((((((((((((((( Files Created from 2007-12-09 to 2008-01-09 )))))))))))))))))))))))))))))))
.
2008-01-08 22:29 . 2000-08-31 08:00 51,200 --a------ C:\WINDOWS\NirCmd.exe
2008-01-07 20:51 . 2008-01-07 20:56 <DIR> d-------- C:\Program Files\QIP
2008-01-07 12:07 . 2008-01-07 12:07 20 --a------ C:\WINDOWS\mafosav.INI
2008-01-07 12:04 . 2008-01-07 12:04 <DIR> d-------- C:\Program Files\Mario Forever
2008-01-07 01:24 . 2008-01-07 01:24 <DIR> d-------- C:\WINDOWS\OPTIONS
2008-01-07 01:24 . 2008-01-07 01:24 <DIR> d-------- C:\Program Files\Realtek
2008-01-07 01:23 . 2008-01-07 01:23 <DIR> d-a------ C:\PCI_Install_5681(installshield 12_1.14)
2008-01-07 00:54 . 2008-01-07 01:21 16,069,843 --a------ C:\Creative_128D_drv51214111.exe
2008-01-07 00:45 . 2008-01-07 00:54 4,783,155 --a------ C:\realtek_rtl8100sb_681_xp.zip
2008-01-07 00:28 . 2008-01-07 00:28 <DIR> d-------- C:\Program Files\SystemRequirementsLab
2008-01-06 23:54 . 2008-01-06 23:54 <DIR> d-------- C:\Program Files\Driver-Soft
2008-01-06 23:54 . 2004-06-14 14:56 427,864 --a------ C:\WINDOWS\system32\XceedZip.dll
2008-01-06 19:20 . 2008-01-07 23:02 <DIR> d-------- C:\Program Files\SUPERAntiSpyware
2008-01-06 19:20 . 2008-01-06 19:20 <DIR> d-------- C:\Documents and Settings\Yelkinson\Data aplikací\SUPERAntiSpyware.com
2008-01-06 19:20 . 2008-01-06 19:20 <DIR> d-------- C:\Documents and Settings\All Users\Data aplikací\SUPERAntiSpyware.com
2008-01-05 15:13 . 2008-01-08 21:03 <DIR> d-------- C:\Program Files\Crawler
2008-01-05 11:09 . 2008-01-05 11:11 <DIR> d-------- C:\Program Files\AdwareRemover2007
2008-01-05 10:13 . 2007-12-22 00:21 <DIR> d-------- C:\Documents and Settings\Administrator\Plocha
2008-01-05 10:13 . 2007-11-28 21:13 <DIR> d--h----- C:\Documents and Settings\Administrator\Okolní tiskárny
2008-01-05 10:13 . 2007-11-28 21:13 <DIR> d--h----- C:\Documents and Settings\Administrator\Okolní síť
2008-01-05 10:13 . 2007-11-28 21:13 <DIR> d-------- C:\Documents and Settings\Administrator\Oblíbené položky
2008-01-05 10:13 . 2007-11-28 20:22 <DIR> d--h----- C:\Documents and Settings\Administrator\Šablony
2008-01-05 10:13 . 2007-11-28 21:13 <DIR> dr------- C:\Documents and Settings\Administrator\Nabídka Start
2008-01-05 10:13 . 2007-11-28 21:13 <DIR> d-------- C:\Documents and Settings\Administrator\Dokumenty
2008-01-05 10:13 . 2007-11-28 21:13 <DIR> dr-h----- C:\Documents and Settings\Administrator\Data aplikací
2008-01-04 18:17 . 2003-08-29 15:13 1,551 --a------ C:\Documents and Settings\Yelkinson\Windows_XP_Home_Edition_Activation_Crack.zip
2008-01-03 18:58 . 2008-01-03 18:58 <DIR> d-------- C:\Program Files\PC Drivers HeadQuarters
2008-01-03 18:58 . 2008-01-03 18:58 <DIR> d-------- C:\Documents and Settings\All Users\Data aplikací\PC Drivers HeadQuarters
2007-12-31 10:07 . 2007-07-30 19:19 271,224 --a------ C:\WINDOWS\system32\mucltui.dll
2007-12-31 10:07 . 2007-07-30 19:18 30,072 --a------ C:\WINDOWS\system32\mucltui.dll.mui
2007-12-30 15:09 . 2007-12-30 15:09 <DIR> dr------- C:\Documents and Settings\LocalService\Oblíbené položky
2007-12-30 14:43 . 2007-12-30 14:43 <DIR> dr------- C:\Documents and Settings\NetworkService\Oblíbené položky
2007-12-30 14:38 . 2008-01-04 17:35 <DIR> d-------- C:\Program Files\Sygate
2007-12-30 12:38 . 2007-12-30 12:38 <DIR> d-------- C:\Documents and Settings\Yelkinson\Data aplikací\ESET
2007-12-30 04:05 . 2007-09-24 23:31 69,632 --a------ C:\WINDOWS\system32\javacpl.cpl
2007-12-30 04:04 . 2007-12-30 04:05 <DIR> d-------- C:\Program Files\Java
2007-12-30 04:03 . 2007-12-30 04:03 <DIR> d-------- C:\Program Files\Common Files\Java
2007-12-30 03:21 . 2008-01-05 17:23 1,316 --a------ C:\WINDOWS\system32\tmp.reg
2007-12-30 02:08 . 2007-12-30 02:08 <DIR> d-------- C:\Program Files\IObit
2007-12-29 20:33 . 2007-12-29 20:33 390 --a------ C:\WINDOWS\ODBC.INI
2007-12-29 20:28 . 2007-12-29 20:30 <DIR> d-------- C:\WINDOWS\ShellNew
2007-12-29 12:13 . 2008-01-05 10:20 <DIR> d-------- C:\Program Files\Spyware Terminator
2007-12-29 12:13 . 2008-01-05 10:20 <DIR> d-------- C:\Documents and Settings\All Users\Data aplikací\Spyware Terminator
2007-12-29 11:53 . 2007-12-29 11:53 0 --a------ C:\pspbrwse.jbf
2007-12-29 00:35 . 2007-12-29 00:35 <DIR> d-------- C:\Program Files\Trend Micro
2007-12-28 20:05 . 2007-12-28 20:05 <DIR> d-------- C:\Program Files\MSECache
2007-12-27 11:30 . 2007-12-27 13:02 <DIR> d-------- C:\Downloads
2007-12-27 11:27 . 2006-04-20 12:51 359,808 --a------ C:\WINDOWS\system32\drivers\tcpip.sys.flg
2007-12-27 11:26 . 2007-12-30 05:23 <DIR> d-------- C:\Program Files\FlashGet
2007-12-26 12:00 . 2007-12-26 12:00 <DIR> d-------- C:\Documents and Settings\Yelkinson\Data aplikací\Corel
2007-12-26 12:00 . 2007-12-29 17:04 3,350 --ahs---- C:\WINDOWS\system32\KGyGaAvL.sys
2007-12-26 12:00 . 2007-12-29 17:04 88 -r-hs---- C:\WINDOWS\system32\FAF499AE8D.sys
2007-12-25 21:04 . 2007-12-25 21:04 <DIR> d--h----- C:\WINDOWS\PIF
2007-12-25 11:25 . 2007-12-29 10:16 <DIR> d-------- C:\Documents and Settings\Yelkinson\Data aplikací\MxBoost
2007-12-24 19:23 . 2007-12-24 19:23 <DIR> d-------- C:\SAVE
2007-12-24 19:11 . 2007-12-24 19:11 57 --a------ C:\WINDOWS\sierra.ini
2007-12-24 19:09 . 2007-12-24 19:09 <DIR> d-------- C:\Sierra
2007-12-24 17:35 . 2007-12-24 17:35 <DIR> d-------- C:\Documents and Settings\Yelkinson\Data aplikací\DVD Flick
2007-12-24 13:48 . 2004-03-09 00:00 212,240 --a------ C:\WINDOWS\system32\richtx32.ocx
2007-12-24 13:48 . 2000-05-19 17:56 81,920 --a------ C:\WINDOWS\system32\mbmouse.ocx
2007-12-24 13:48 . 2000-11-05 15:27 36,864 --a------ C:\WINDOWS\system32\trayicon.ocx
2007-12-22 00:38 . 2008-01-07 01:11 <DIR> d-------- C:\Documents and Settings\Yelkinson\Data aplikací\XnView
2007-12-22 00:21 . 2001-03-08 18:30 24,064 --------- C:\WINDOWS\system32\msxml3a.dll
2007-12-22 00:00 . 2007-12-22 00:01 <DIR> d-------- C:\Program Files\XnView
2007-12-21 23:53 . 2007-12-21 23:55 <DIR> d-------- C:\Documents and Settings\Yelkinson\Data aplikací\Zoner
2007-12-21 23:52 . 2007-12-21 23:52 <DIR> d-------- C:\Program Files\Zoner
2007-12-21 23:29 . 2007-12-21 23:29 <DIR> d-------- C:\Documents and Settings\Yelkinson\Data aplikací\CyberLink
2007-12-21 23:28 . 2007-12-21 23:28 <DIR> d-------- C:\Documents and Settings\All Users\Data aplikací\CyberLink
2007-12-21 23:25 . 2007-12-21 23:26 <DIR> d-------- C:\Program Files\CyberLink
2007-12-21 21:22 . 2007-12-21 22:03 <DIR> d-------- C:\Documents and Settings\Yelkinson\Data aplikací\Jpeg Resampler
2007-12-21 08:21 . 2007-12-21 08:21 71,176 --a------ C:\WINDOWS\system32\drivers\epfw.sys
2007-12-21 08:21 . 2007-12-21 08:21 53,768 --a------ C:\WINDOWS\system32\drivers\epfwtdi.sys
2007-12-21 08:21 . 2007-12-21 08:21 30,728 --a------ C:\WINDOWS\system32\drivers\epfwndis.sys
2007-12-21 08:20 . 2007-12-21 08:20 30,216 --a------ C:\WINDOWS\system32\drivers\easdrv.sys
2007-12-21 08:19 . 2007-12-21 08:19 39,944 --a------ C:\WINDOWS\system32\drivers\eamon.sys
2007-12-21 01:37 . 2004-08-17 15:49 1,888,992 --------- C:\WINDOWS\system32\ati3duag.dll
2007-12-21 01:33 . 2007-12-21 01:33 <DIR> d-------- C:\WINDOWS\ServicePackFiles
2007-12-21 01:31 . 2007-12-26 19:59 <DIR> d-------- C:\WINDOWS\EHome
2007-12-21 01:31 . 2004-07-17 11:40 19,528 --a------ C:\WINDOWS\000001_.tmp
2007-12-21 00:16 . 2007-10-12 15:14 3,734,536 --a------ C:\WINDOWS\system32\d3dx9_36.dll
2007-12-21 00:16 . 2007-07-19 18:14 3,727,720 --a------ C:\WINDOWS\system32\d3dx9_35.dll
2007-12-21 00:16 . 2007-10-12 15:14 1,374,232 --a------ C:\WINDOWS\system32\D3DCompiler_36.dll
2007-12-21 00:16 . 2007-07-19 18:14 1,358,192 --a------ C:\WINDOWS\system32\D3DCompiler_35.dll
2007-12-21 00:16 . 2007-10-02 09:56 444,776 --a------ C:\WINDOWS\system32\d3dx10_36.dll
2007-12-21 00:16 . 2007-07-19 18:14 444,776 --a------ C:\WINDOWS\system32\d3dx10_35.dll
2007-12-21 00:16 . 2007-10-22 03:39 267,272 --a------ C:\WINDOWS\system32\xactengine2_10.dll
2007-12-21 00:16 . 2007-07-20 00:57 267,112 --a------ C:\WINDOWS\system32\xactengine2_9.dll
2007-12-21 00:16 . 2007-06-20 20:46 266,088 --a------ C:\WINDOWS\system32\xactengine2_8.dll
2007-12-21 00:16 . 2007-10-22 03:37 17,928 --a------ C:\WINDOWS\system32\X3DAudio1_2.dll
2007-12-21 00:12 . 2007-12-21 00:14 <DIR> d--h----- C:\WINDOWS\msdownld.tmp
2007-12-20 17:21 . 2007-12-20 17:21 268 --ah----- C:\sqmdata19.sqm
2007-12-20 17:21 . 2007-12-20 17:21 244 --ah----- C:\sqmnoopt19.sqm
2007-12-20 08:56 . 2007-12-20 08:56 268 --ah----- C:\sqmdata18.sqm
2007-12-20 08:56 . 2007-12-20 08:56 244 --ah----- C:\sqmnoopt18.sqm
2007-12-20 01:02 . 2007-12-20 01:02 268 --ah----- C:\sqmdata17.sqm
2007-12-20 01:02 . 2007-12-20 01:02 244 --ah----- C:\sqmnoopt17.sqm
2007-12-20 00:21 . 2008-01-05 15:01 <DIR> d-------- C:\Program Files\Common Files\Adobe
2007-12-19 23:51 . 2008-01-07 18:51 <DIR> d-------- C:\Documents and Settings\Yelkinson\Data aplikací\skypePM
2007-12-19 23:51 . 2007-12-19 23:51 32 --a------ C:\Documents and Settings\All Users\Data aplikací\ezsid.dat
2007-12-19 23:50 . 2008-01-07 18:52 <DIR> d-------- C:\Documents and Settings\Yelkinson\Data aplikací\Skype
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-01-08 12:35 --------- d-----w C:\Program Files\Mozilla Firefox 3 Beta 1
2008-01-07 19:07 --------- d-----w C:\Program Files\ICQ6
2008-01-07 00:24 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-01-06 18:20 --------- d-----w C:\Program Files\Common Files\Wise Installation Wizard
2007-12-31 01:29 --------- d-----w C:\Program Files\Maxthon2
2007-12-30 11:36 --------- d-----w C:\Documents and Settings\All Users\Data aplikací\ESET
2007-12-29 19:05 --------- d-----w C:\Program Files\MSN Messenger
2007-12-29 19:02 --------- d-----w C:\Program Files\Google
2007-12-21 23:20 --------- d-----w C:\Program Files\Common Files\InstallShield
2007-12-19 12:34 --------- d-----w C:\Documents and Settings\Yelkinson\Data aplikací\Azureus
2007-12-07 15:42 --------- d-----w C:\Program Files\MSI
2007-12-07 14:32 --------- d-----w C:\Documents and Settings\Yelkinson\Data aplikací\Lavasoft
2007-12-07 13:42 --------- d-----w C:\Program Files\DAEMON Tools
2007-12-07 13:41 --------- d-----w C:\Documents and Settings\Yelkinson\Data aplikací\WhenU
2007-12-07 13:36 685,816 ----a-w C:\WINDOWS\system32\drivers\sptd.sys
2007-12-07 08:12 --------- d-----w C:\Documents and Settings\All Users\Data aplikací\InstallShield
2007-12-07 01:07 --------- d-----w C:\Documents and Settings\All Users\Data aplikací\Azureus
2007-12-06 13:46 --------- d-----w C:\Documents and Settings\Yelkinson\Data aplikací\Uniblue
2007-12-05 11:18 --------- d-----w C:\Program Files\Xplosiv
2007-12-05 01:53 356,352 ----a-w C:\WINDOWS\system32\NVUNINST.EXE
2007-12-05 00:23 --------- d-----w C:\Program Files\CodeStuff
2007-12-04 17:01 --------- d-----w C:\Program Files\easetech
2007-12-04 16:42 --------- d-----w C:\Program Files\Audacity
2007-12-03 17:32 --------- d-----w C:\Program Files\Zoom Player
2007-12-03 13:44 --------- d-----w C:\Documents and Settings\All Users\Data aplikací\NVIDIA
2007-12-03 13:00 --------- d-----w C:\Program Files\ICQToolbar
2007-12-03 03:52 --------- d-----w C:\Documents and Settings\Yelkinson\Data aplikací\MegauploadToolbar
2007-12-02 12:28 86,016 ----a-w C:\WINDOWS\system32\OpenAL32.dll
2007-12-02 12:28 262,144 ----a-w C:\WINDOWS\system32\wrap_oal.dll
2007-12-02 09:16 --------- d-----w C:\Documents and Settings\All Users\Data aplikací\SRS Labs
2007-12-02 04:09 --------- d-----w C:\Program Files\MSXML 4.0
2007-12-02 02:26 --------- d-----w C:\Program Files\MegauploadToolbar
2007-12-01 17:36 --------- d-----w C:\Documents and Settings\Yelkinson\Data aplikací\Teleca
2007-12-01 17:34 --------- d-----w C:\Program Files\Common Files\Teleca Shared
2007-12-01 17:34 --------- d-----w C:\Documents and Settings\All Users\Data aplikací\Sony Ericsson
2007-12-01 17:33 --------- d-----w C:\Program Files\Sony Ericsson
2007-12-01 17:33 --------- d-----w C:\Documents and Settings\All Users\Data aplikací\Teleca
2007-12-01 17:25 6,144 ----a-w C:\WINDOWS\system32\drivers\k750cm.sys
2007-12-01 17:25 5,744 ----a-w C:\WINDOWS\system32\drivers\k750wh.sys
2007-12-01 15:56 --------- d-----w C:\Program Files\VGA USB Camera
2007-12-01 15:55 --------- d-----w C:\Documents and Settings\Yelkinson\Data aplikací\InstallShield
2007-11-30 17:29 --------- d-----w C:\Program Files\RegCleaner
2007-11-30 16:43 --------- d-----w C:\Documents and Settings\All Users\Data aplikací\Yahoo! Companion
2007-11-30 15:56 --------- d-----w C:\Program Files\Yahoo!
2007-11-30 15:56 --------- d-----w C:\Program Files\CCleaner
2007-11-30 14:51 --------- d-----w C:\Program Files\Setup Files
2007-11-29 18:18 737,280 ----a-w C:\WINDOWS\iun6002.exe
2007-11-29 16:01 23,600 ----a-w C:\WINDOWS\system32\drivers\TVICHW32.SYS
2007-11-29 15:55 --------- d-----w C:\Program Files\Lavalys
2007-11-29 13:44 --------- d-----w C:\Documents and Settings\Yelkinson\Data aplikací\ICQ
2007-11-29 08:25 --------- d-----w C:\Documents and Settings\Yelkinson\Data aplikací\ICQ Toolbar
2007-11-28 19:29 --------- d-----w C:\Program Files\microsoft frontpage
2007-11-20 18:09 104,320 ----a-w C:\WINDOWS\system32\drivers\Rtnicxp.sys
2007-11-16 22:28 356,352 ----a-w C:\WINDOWS\system32\nvudisp.exe
2007-11-13 10:25 20,480 ----a-w C:\WINDOWS\system32\drivers\secdrv.sys
2007-10-29 22:44 1,290,240 ----a-w C:\WINDOWS\system32\quartz.dll
2007-10-20 05:01 227,328 ----a-w C:\WINDOWS\system32\wmasf.dll
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-18 13:00 15360]
"msnmsgr"="C:\Program Files\MSN Messenger\msnmsgr.exe" [2007-01-19 12:55 5674352]
"SUPERAntiSpyware"="C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2007-06-21 14:06 1318912]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"egui"="C:\Program Files\ESET\ESET Smart Security\egui.exe" [2007-12-21 08:21 1443072]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2006-10-22 12:22 7700480]
"nwiz"="nwiz.exe" [2006-10-22 12:22 1622016 C:\WINDOWS\system32\nwiz.exe]
"NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [2006-10-22 12:22 86016]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"NoResolveSearch"= 1 (0x1)
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [2006-12-20 13:55 77824]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
C:\Program Files\SUPERAntiSpyware\SASWINLO.dll 2007-04-19 13:41 294912 C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
R3 PSched;Plánovač paketů technologie QoS;C:\WINDOWS\system32\DRIVERS\psched.sys [2004-08-18 13:00]
S3 NtApm;Ovladač rozhraní služby NT Apm/Legacy;C:\WINDOWS\system32\DRIVERS\NtApm.sys [2001-10-24 12:44]
*Newly Created Service* - PROCEXP90
.
Contents of the 'Scheduled Tasks' folder
"2008-01-05 11:11:00 C:\WINDOWS\Tasks\Uniblue SpeedUpMyPC Nag.job"
- C:\Program Files\Uniblue\SpeedUpMyPC 3\SpeedUpMyPC.exe
"2007-12-02 10:50:53 C:\WINDOWS\Tasks\Uniblue SpeedUpMyPC.job"
- C:\Program Files\Uniblue\SpeedUpMyPC 3\SpeedUpMyPC.exe
.
**************************************************************************
catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-01-09 22:49:16
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
**************************************************************************
.
Completion time: 2008-01-09 22:51:39
ComboFix-quarantined-files.txt 2008-01-09 21:50:41
.
2008-01-04 14:32:23 --- E O F ---
2007-12-21 08:21 . 2007-12-21 08:21 71,176 --a------ C:\WINDOWS\system32\drivers\epfw.sys
2007-12-21 08:21 . 2007-12-21 08:21 53,768 --a------ C:\WINDOWS\system32\drivers\epfwtdi.sys
2007-12-21 08:21 . 2007-12-21 08:21 30,728 --a------ C:\WINDOWS\system32\drivers\epfwndis.sys
2007-12-21 08:20 . 2007-12-21 08:20 30,216 --a------ C:\WINDOWS\system32\drivers\easdrv.sys
2007-12-21 08:19 . 2007-12-21 08:19 39,944 --a------ C:\WINDOWS\system32\drivers\eamon.sys
2007-12-21 01:37 . 2004-08-17 15:49 1,888,992 --------- C:\WINDOWS\system32\ati3duag.dll
2007-12-21 01:33 . 2007-12-21 01:33 <DIR> d-------- C:\WINDOWS\ServicePackFiles
2007-12-21 01:31 . 2007-12-26 19:59 <DIR> d-------- C:\WINDOWS\EHome
2007-12-21 01:31 . 2004-07-17 11:40 19,528 --a------ C:\WINDOWS\000001_.tmp
2007-12-21 00:16 . 2007-10-12 15:14 3,734,536 --a------ C:\WINDOWS\system32\d3dx9_36.dll
2007-12-21 00:16 . 2007-07-19 18:14 3,727,720 --a------ C:\WINDOWS\system32\d3dx9_35.dll
2007-12-21 00:16 . 2007-10-12 15:14 1,374,232 --a------ C:\WINDOWS\system32\D3DCompiler_36.dll
2007-12-21 00:16 . 2007-07-19 18:14 1,358,192 --a------ C:\WINDOWS\system32\D3DCompiler_35.dll
2007-12-21 00:16 . 2007-10-02 09:56 444,776 --a------ C:\WINDOWS\system32\d3dx10_36.dll
2007-12-21 00:16 . 2007-07-19 18:14 444,776 --a------ C:\WINDOWS\system32\d3dx10_35.dll
2007-12-21 00:16 . 2007-10-22 03:39 267,272 --a------ C:\WINDOWS\system32\xactengine2_10.dll
2007-12-21 00:16 . 2007-07-20 00:57 267,112 --a------ C:\WINDOWS\system32\xactengine2_9.dll
2007-12-21 00:16 . 2007-06-20 20:46 266,088 --a------ C:\WINDOWS\system32\xactengine2_8.dll
2007-12-21 00:16 . 2007-10-22 03:37 17,928 --a------ C:\WINDOWS\system32\X3DAudio1_2.dll
2007-12-21 00:12 . 2007-12-21 00:14 <DIR> d--h----- C:\WINDOWS\msdownld.tmp
2007-12-20 17:21 . 2007-12-20 17:21 268 --ah----- C:\sqmdata19.sqm
2007-12-20 17:21 . 2007-12-20 17:21 244 --ah----- C:\sqmnoopt19.sqm
2007-12-20 08:56 . 2007-12-20 08:56 268 --ah----- C:\sqmdata18.sqm
2007-12-20 08:56 . 2007-12-20 08:56 244 --ah----- C:\sqmnoopt18.sqm
2007-12-20 01:02 . 2007-12-20 01:02 268 --ah----- C:\sqmdata17.sqm
2007-12-20 01:02 . 2007-12-20 01:02 244 --ah----- C:\sqmnoopt17.sqm
2007-12-20 00:21 . 2008-01-05 15:01 <DIR> d-------- C:\Program Files\Common Files\Adobe
2007-12-19 23:51 . 2008-01-07 18:51 <DIR> d-------- C:\Documents and Settings\Yelkinson\Data aplikací\skypePM
2007-12-19 23:51 . 2007-12-19 23:51 32 --a------ C:\Documents and Settings\All Users\Data aplikací\ezsid.dat
2007-12-19 23:50 . 2008-01-07 18:52 <DIR> d-------- C:\Documents and Settings\Yelkinson\Data aplikací\Skype
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-01-08 12:35 --------- d-----w C:\Program Files\Mozilla Firefox 3 Beta 1
2008-01-07 19:07 --------- d-----w C:\Program Files\ICQ6
2008-01-07 00:24 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-01-06 18:20 --------- d-----w C:\Program Files\Common Files\Wise Installation Wizard
2007-12-31 01:29 --------- d-----w C:\Program Files\Maxthon2
2007-12-30 11:36 --------- d-----w C:\Documents and Settings\All Users\Data aplikací\ESET
2007-12-29 19:05 --------- d-----w C:\Program Files\MSN Messenger
2007-12-29 19:02 --------- d-----w C:\Program Files\Google
2007-12-21 23:20 --------- d-----w C:\Program Files\Common Files\InstallShield
2007-12-19 12:34 --------- d-----w C:\Documents and Settings\Yelkinson\Data aplikací\Azureus
2007-12-07 15:42 --------- d-----w C:\Program Files\MSI
2007-12-07 14:32 --------- d-----w C:\Documents and Settings\Yelkinson\Data aplikací\Lavasoft
2007-12-07 13:42 --------- d-----w C:\Program Files\DAEMON Tools
2007-12-07 13:41 --------- d-----w C:\Documents and Settings\Yelkinson\Data aplikací\WhenU
2007-12-07 13:36 685,816 ----a-w C:\WINDOWS\system32\drivers\sptd.sys
2007-12-07 08:12 --------- d-----w C:\Documents and Settings\All Users\Data aplikací\InstallShield
2007-12-07 01:07 --------- d-----w C:\Documents and Settings\All Users\Data aplikací\Azureus
2007-12-06 13:46 --------- d-----w C:\Documents and Settings\Yelkinson\Data aplikací\Uniblue
2007-12-05 11:18 --------- d-----w C:\Program Files\Xplosiv
2007-12-05 01:53 356,352 ----a-w C:\WINDOWS\system32\NVUNINST.EXE
2007-12-05 00:23 --------- d-----w C:\Program Files\CodeStuff
2007-12-04 17:01 --------- d-----w C:\Program Files\easetech
2007-12-04 16:42 --------- d-----w C:\Program Files\Audacity
2007-12-03 17:32 --------- d-----w C:\Program Files\Zoom Player
2007-12-03 13:44 --------- d-----w C:\Documents and Settings\All Users\Data aplikací\NVIDIA
2007-12-03 13:00 --------- d-----w C:\Program Files\ICQToolbar
2007-12-03 03:52 --------- d-----w C:\Documents and Settings\Yelkinson\Data aplikací\MegauploadToolbar
2007-12-02 12:28 86,016 ----a-w C:\WINDOWS\system32\OpenAL32.dll
2007-12-02 12:28 262,144 ----a-w C:\WINDOWS\system32\wrap_oal.dll
2007-12-02 09:16 --------- d-----w C:\Documents and Settings\All Users\Data aplikací\SRS Labs
2007-12-02 04:09 --------- d-----w C:\Program Files\MSXML 4.0
2007-12-02 02:26 --------- d-----w C:\Program Files\MegauploadToolbar
2007-12-01 17:36 --------- d-----w C:\Documents and Settings\Yelkinson\Data aplikací\Teleca
2007-12-01 17:34 --------- d-----w C:\Program Files\Common Files\Teleca Shared
2007-12-01 17:34 --------- d-----w C:\Documents and Settings\All Users\Data aplikací\Sony Ericsson
2007-12-01 17:33 --------- d-----w C:\Program Files\Sony Ericsson
2007-12-01 17:33 --------- d-----w C:\Documents and Settings\All Users\Data aplikací\Teleca
2007-12-01 17:25 6,144 ----a-w C:\WINDOWS\system32\drivers\k750cm.sys
2007-12-01 17:25 5,744 ----a-w C:\WINDOWS\system32\drivers\k750wh.sys
2007-12-01 15:56 --------- d-----w C:\Program Files\VGA USB Camera
2007-12-01 15:55 --------- d-----w C:\Documents and Settings\Yelkinson\Data aplikací\InstallShield
2007-11-30 17:29 --------- d-----w C:\Program Files\RegCleaner
2007-11-30 16:43 --------- d-----w C:\Documents and Settings\All Users\Data aplikací\Yahoo! Companion
2007-11-30 15:56 --------- d-----w C:\Program Files\Yahoo!
2007-11-30 15:56 --------- d-----w C:\Program Files\CCleaner
2007-11-30 14:51 --------- d-----w C:\Program Files\Setup Files
2007-11-29 18:18 737,280 ----a-w C:\WINDOWS\iun6002.exe
2007-11-29 16:01 23,600 ----a-w C:\WINDOWS\system32\drivers\TVICHW32.SYS
2007-11-29 15:55 --------- d-----w C:\Program Files\Lavalys
2007-11-29 13:44 --------- d-----w C:\Documents and Settings\Yelkinson\Data aplikací\ICQ
2007-11-29 08:25 --------- d-----w C:\Documents and Settings\Yelkinson\Data aplikací\ICQ Toolbar
2007-11-28 19:29 --------- d-----w C:\Program Files\microsoft frontpage
2007-11-20 18:09 104,320 ----a-w C:\WINDOWS\system32\drivers\Rtnicxp.sys
2007-11-16 22:28 356,352 ----a-w C:\WINDOWS\system32\nvudisp.exe
2007-11-13 10:25 20,480 ----a-w C:\WINDOWS\system32\drivers\secdrv.sys
2007-10-29 22:44 1,290,240 ----a-w C:\WINDOWS\system32\quartz.dll
2007-10-20 05:01 227,328 ----a-w C:\WINDOWS\system32\wmasf.dll
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-18 13:00 15360]
"msnmsgr"="C:\Program Files\MSN Messenger\msnmsgr.exe" [2007-01-19 12:55 5674352]
"SUPERAntiSpyware"="C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2007-06-21 14:06 1318912]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"egui"="C:\Program Files\ESET\ESET Smart Security\egui.exe" [2007-12-21 08:21 1443072]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2006-10-22 12:22 7700480]
"nwiz"="nwiz.exe" [2006-10-22 12:22 1622016 C:\WINDOWS\system32\nwiz.exe]
"NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [2006-10-22 12:22 86016]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"NoResolveSearch"= 1 (0x1)
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [2006-12-20 13:55 77824]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
C:\Program Files\SUPERAntiSpyware\SASWINLO.dll 2007-04-19 13:41 294912 C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
R3 PSched;Plánovač paketů technologie QoS;C:\WINDOWS\system32\DRIVERS\psched.sys [2004-08-18 13:00]
S3 NtApm;Ovladač rozhraní služby NT Apm/Legacy;C:\WINDOWS\system32\DRIVERS\NtApm.sys [2001-10-24 12:44]
*Newly Created Service* - PROCEXP90
.
Contents of the 'Scheduled Tasks' folder
"2008-01-05 11:11:00 C:\WINDOWS\Tasks\Uniblue SpeedUpMyPC Nag.job"
- C:\Program Files\Uniblue\SpeedUpMyPC 3\SpeedUpMyPC.exe
"2007-12-02 10:50:53 C:\WINDOWS\Tasks\Uniblue SpeedUpMyPC.job"
- C:\Program Files\Uniblue\SpeedUpMyPC 3\SpeedUpMyPC.exe
.
**************************************************************************
catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-01-09 22:49:16
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
**************************************************************************
.
Completion time: 2008-01-09 22:51:39
ComboFix-quarantined-files.txt 2008-01-09 21:50:41
.
2008-01-04 14:32:23 --- E O F ---
- fredik
- Security team member
-
Master Level 7
- Posts: 4680
- Registered: July 06
- Gender:
- Status:
Offline
Go to Start -> Run... and type into the box this command, marked in blue: ComboFix /u (there must be a space between ComboFix and /u), then click OK.
Look in Add or Remove Programs and, if it is there, uninstall:
AdwareRemover2007
and delete its directory/folder:
C:\Program Files\AdwareRemover2007
I would also recommend deleting this:
C:\Documents and Settings\Yelkinson\Windows_XP_Home_Edition_Activation_Crack.zip
Are you still having problems?